A SECURE ARCHITECTURE FOR ENHANCED KEY AGGREGATION CRYPTO SYSTEM

53 |

P a g e

A SECURE ARCHITECTURE FOR ENHANCED KEY

AGGREGATION CRYPTO SYSTEM

B. Shilpa

, Bhaludra Raveendranadh Singh

, Moligi Sangeetha

1

Pursuing M.Tech (CSE),

Principal,

Associate Professor & HOD (CSE)

3

Visvesvaraya College of Engineering and Technology (VCET), M.P Patelguda, Ibrahimpatnam (M),

Ranga

, (India)

ABSTRACT

Now a Days Data sharing plays an energetic role in the cloud computing. In this system we define that how the

data is transferred or shared securely and efficiently data sharing from one cloud storage to other cloud

storage. In this chapter we introduce a present public-key cryptosystems which produces the constant-size

cryptograph texts such that dependable allocation of decryption for any set of cryptograph texts is possible. The

Actual subject is that one can collective any number of secret keys and makes them as a compact as a single key,

but to include something new the power of all the keys being used. Apart from this , the secret key container can

realise that a constant-size aggregate or happen troubled key for cable of being changing the choices of the

cryptograph text set in to the cloud storage, but the additional encoded file which is maintained outside will

remain secure. This original aggregate key can be freely and conveniently sent to the other storage device or

being stored in a smart card with very limited safe storing. In this system we presented certain protected

analysis of our schemes in the standard model. In particular, our schemes give the public-key patient that is

controlled encryption for flexible hierarchy, which was to be known.

I. INTRODUCTION

Distributed storage is picking up importance as of late. In big business settings, we see the ascent popular for

information outsourcing, which helps with the dynamic administration of corporate information. It is

additionally utilized as a centre innovation behind numerous online administrations for individual applications.

These days, it is anything but difficult to apply with the expectation of complimentary records for email,

photograph collection, document sharing and/or remote access, with capacity estimate more than 25GB (or a

couple of dollars for additional than 1TB). Together with the present remote innovation, clients can get to the

greater part of their documents and messages by a cell telephone in any edge of the world. Considering

information security, a conventional approach to guarantee it is to depend on the server to authorize the entrance

control after confirmation, which implies any startling benefit heightening will uncover all information. In a

mutual occupancy distributed computing environment, things turn out to be surprisingly more terrible.

Information from distinctive customers can be facilitated on partitioned virtual machines (VMs) yet live on a

solitary physical machine. Information in an objective VM could be stolen by instantiating another VM

co-occupant with the objective one With respect to of documents, there are progressions of cryptographic plans

54 |

P a g e

information proprietor without spilling anything about the information, or without bargaining the information

proprietors obscurity. Similarly, cloud clients most likely won't hold the solid conviction that the cloud server is

making a decent showing as far as secrecy. A cryptographic arrangement, with demonstrated security depended

on number-theoretic suspicions is more attractive, at whatever point the client is not perfectly content with

trusting the security of the VM or the genuineness of the specialized staff. These clients are converted to encode

their information with their own keys before transferring them to the server. Information sharing is an essential

usefulness in cloud capacity. Case in point, bloggers can let their companions view a subset of their private

pictures; an undertaking may gift her workers access to a bit of delicate information. The testing issue is the

means by which to viably offer encoded information. Obviously clients can download the scrambled

information from the capacity, unscramble them, then send them to others for sharing, yet it loses the estimation

of distributed storage. Clients ought to have the capacity to appoint the entrance privileges of the sharing

information to others with the goal that they can get to this information from the server specifically. In any case,

discovering an effective and secure approach to share halfway information in cloud capacity is not unimportant.

Beneath we will take Drop box as a case for delineation. Accept that Alice puts all her private photographs on

Drop box, and she wouldn't like to open her photographs to everybody. Because of different information

spillage plausibility Alice can't feel eased by simply depending on the security assurance components provided

by Drop box, so she encodes every one of the photographs utilizing her own keys before transferring. One day,

Alice's companion, Bob, requests that her share the photographs assumed control over every one of these years

which Bob showed up in. Alice can utilize the offer capacity of Drop however the issue now is the manner by

which to designate the unscrambling rights for these photographs to Bob. A conceivable choice Alice can pick is

to safely send Bob the mystery keys included.

1.1 Architecture

Fig: Alice Shares Files with Identifiers 2, 3, 6 and 8 with Bob by Sending Him a Single

Aggregate Key.

We take care of this issue by presenting an extraordinary sort of open key encryption which we call

key-aggregate cryptosystem (KAC). In KAC, clients scramble a message under an open key, as well as under an

55 |

P a g e

key proprietor holds an expert mystery called expert mystery key, which can be utilized to concentrate mystery

keys for distinctive classes. More critically, the separated key have can be a total key which is as reduced as a

mystery key for a solitary class, in any case, totals the force of numerous such keys, i.e., the unscrambling force

for any subset of cipher text classes. With our answer, Alice can basically send Bob a solitary total key through

a protected email. Sway can download the scrambled photographs from Alice's Drop box space and at that point

utilize this total key to unscramble these scrambled photographs. The situation is portrayed in Figure. The sizes

of cipher text, open key, expert mystery key also, total key in our KAC plans are all of consistent size. General

society framework parameter has size direct in the number of cipher text classes, however just a little piece of it

is required every time and it can be gotten on interest from extensive (yet non-classified) distributed storage.

Past results may accomplish a comparable property highlighting a consistent size unscrambling key, yet the

classes need to adjust to some pre-characterized various leveled relationship. Our work is adaptable as in this

limitation is wiped out, that is, no exceptional connection is needed between the classes.

II. RELATED WORK

This section we compare our basic KAC scheme with other possible solutions on sharing in secure cloud

storage.

2.1 Cryptographic Keys for a Predefined Hierarchy

The main theme of the cryptographic key or security of the data in this phase is to provide the security of a user

data. In cryptographic system is to reduce the cost of a storing the key and managing the security. Secrete key

for the purpose of cryptographic. In basic structure of tree hierarchy containing nodes and sub nodes. Granted

permissions of a main node then share files in descent nodes.

2.2 Compact Key in Symmetric-Key Encryption

Compact key symmetric key encryption problem is supporting hierarchy flexible delegation power of

decryption. Benaloh was proposed an encryption scheme it mainly apply for trans mitting large number of keys

in broadcast of telecommunication. In compact key encryption is tried to minimize the size of symmetric

encryption in authentication.

2.3 Compact Key in Identity-Based Encryption

It is the one type of public key encryption is identity based encryption. In this a user can send identity string

through secure mail. In middle adjust a trusted party is called private key generator. In identity based

encryption user holds a secure master secrete key, secrete key issue based on the trustee authentication, user

encrypt the public key with message and receiver decrypt the cipher text with help of secrete key.

2.4 Attribute Based Encryption:

In attribute based encryption user encrypt the code cipher text and along with one attribute, master secret key

user separate a secret key based on a policy of this attributes, so cipher text decryption can be based on the

56 |

P a g e

2.5 Key-Aggregate Encryption

Here in this encryption technique first we give the framework and definition for key-aggregate encryption. After

that we discuss about how to use KAC i.e., key-Aggregate Encryption in a scenario of its application in its cloud

storage.

2.6 Framework

In this framework a key aggregate encryption scheme consists of five polynomial-time algorithms. The data

owner creates the public key via setup and generates a master-secret key pair via Key Gen. Messages can be

encrypted what cipher text class is associated with the plain text message to be encrypted. Here the file is shared

using KAC and the key aggregation is useful when we expect the delegation to be efficient and flexible and is

finally shared another user secure.

In this paper, we know that how to make decrypt key is more secure in the sense that allows the decryption of

multiple cipher texts, without changing its size. In order to solve the issue we have introduced a special type of

key i.e., Public-Key cryptosystem or key aggregate cryptosystem It will send or shares the data securely because

we are using KAC and the user encrypt a message not only under public-key, but also under an identifier of

cipher text which is called as class.

Here in this existing system we are having the encryption and decryption key in order to share the data securely

but the size of the file is increased that has been improved by this paper.

We are going to increase the security and privacy level of the data and meanwhile the size of the file will also

maintain constant securely providing access to the users.

1. Setup Phase

Here in this phase the data owner will execute this phase for an registered account which is not trusted whether

the user is genuine or not. The setup phase will have the algorithm that takes only the implicit parameters.

2. KeyGen Phase

Here in this phase the KeyGen will be executed by the above data owner and enters the Public Key(pk) or the

Master Key(msk).

3. Encrypt Phase

Here in this phase the Encryption will be executed by everyone who got registered and who wants to send the

data from sender to receiver. Encrypt i.e, (pk,m,i) , the encryption algorithm takes the input parameters as public

key(pk),message (m) and the output will be cipher text(C). This algorithm willencrypt the message m and the

cipher text C and along with this the public key which should assign by sender will also be send to the receiver.

4. Decrypt Phase

Here in this phase the decryption will be executed firstly we will enter the public key and the cipher text and the

public key combine and gets the output of the original file. This decrypt phase will take the input as public

parameters pk, as a cipher text C, i and the output will be the message m and the final output or file can be

received for the receiver after the Decryption process.

2.7 Data Sharing

KAC which means for Data sharing. Here the data owner can share the data very securely and confidently

57 |

P a g e

the server first the setup phase will be execute and a public key is generated using KeyGen. The master key is

kept secret and while decryption the receiver will enter the secret key and combing this two i.e., public key and

the cipher text the original file is displayed. When the aggregate key he enters then the user can view the file and

download the file with the same file size in a secure manner.

Fig. Using KAC for Data Sharing in Cloud Storage

Here from the above architecture the sender is sharing the each individual file with its own key every file has its

own file name and key by using the Key Aggregate Generator and this all the files are stored in the cloud

storage by using the concept of the cloud computing. This all the files are securely stored in the cloud storage in

network storage and meanwhile the file size will not be increased it will maintain constant at the time of the

encryption. Messages can be encrypted what cipher text class is associated with the plain text message to be

encrypted. Here the file is shared using KAC and the key aggregation is useful when we expect the delegation to

be efficient and flexible and is finally shared another user securely. Here we use the Key Aggregate

cryptosystem algorithm to generate a key and meanwhile to share the data securely and the size of the data will

not be increased while encrypting or decrypting. The sender will send only the wanted files to the receiver and

stop the unwanted files .From the receiver side the receiver will receive the files that are sent by the sender The

receiver while viewing the file or images the receiver should enter the key while decryption once the receiver

enter the key if the key matches the receiver can view the file and meanwhile download the file.

III. CONCLUSION AND FUTURE WORK

Step by step instructions to secure clients' information protection is a focal inquiry of distributed storage. With

more numerical instruments, cryptographic plans are getting more adaptable and regularly include various keys

58 |

P a g e

which bolster appointment of mystery keys for diverse cipher text classes in cloud capacity. Regardless of which

one among the force set of classes, the delegate can simply get a total key of steady size. Our methodology is

more adaptable than progressive key task which can just spare spaces in the event that every key-holder shares a

comparable arrangement of benefits.

A constraint in our work is the predefined bound of the quantity of most extreme cipher text classes. In cloud

capacity, the quantity of cipher texts typically becomes quickly. So we need to save enough cipher text classes

for the future expansion. Else, we have to extend the open key as we portrayed. In spite of the fact that the

parameter can be downloaded with cipher texts, it would be better in the event that its size is autonomous of the

most extreme number of cipher text classes. On the other hand, when one bears the appointed keys in a cell

phone without utilizing unique trusted equipment, the key is brief to spillage, planning a leakage resilient

cryptosystem yet permits effective and adaptable key assignment is likewise an intriguing course.

REFERENCES

[1] S. S. M. Chow, Y. J. He, L. C. K. Hui, and S.-M.Yiu, “SPICE -Simple Privacy-Preserving

Identity-Management for Cloud Environment, ”in Applied Cryptography and Network Security – ACNS 2012, ser.

LNCS, vol. 7341. Springer, 2012, pp. 526–543.

[2] C. Wang, S. S. M. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving Public Auditing for Secure

Cloud Storage,” IEEE Trans.Computers, vol. 62, no. 2, pp. 362–375, 2013.

[3] B. Wang, S. S. M. Chow, M. Li, and H. Li, “Storing Shared Data on the Cloud via Security-Mediator,” in

International Conference on Distributed Computing Systems - ICDCS 2013. IEEE, 2013.

[4] M. J. Atallah, M. Blanton, N. Fazio, and K. B. Frikken, “Dynamic and Efficient Key Management for

Access Hierarchies,” ACM Transactions on Information and System Security (TISSEC), vol. 12, no. 3,

2009.

[5] F. Guo, Y. Mu, Z. Chen, and L. Xu, “Multi-Identity Single-Key Decryption without Random Oracles,” in

Proceedings of Information Security and Cryptology (Inscrypt ’07), ser. LNCS, vol. 4990. Springer, 2007,

pp. 384–398.

[6] S. G. Akl and P. D. Taylor, “Cryptographic Solution to a Problem of Access Control in a Hierarchy,”

ACM Transactions on Computer Systems (TOCS), vol. 1, no. 3, pp. 239–248, 1983.

[7] W.-G. Tzeng, “A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a

Hierarchy,” IEEE Transactions on Knowledge and Data Engineering (TKDE), vol. 14, no. 1, pp. 182–188,

2002.

[8] R. S. Sandhu, “Cryptographic Implementation of a Tree Hierarchy for Access Control,” Information

Processing Letters, vol. 27, no. 2, pp. 95–98, 1988.

[9] L. B. Oliveira, D. Aranha, E. Morais, F. Daguano, J. Lopez, and R. Dahab, “Tiny Tate: Computing the

Tate Pairing in Resource-Constrained Sensor Nodes,” in Proceedings of 6th IEEE International

Symposium on Network Computing and Applications (NCA ’07). IEEE, 2007, pp. 318–323.

[10] D. Boneh, X. Boyen, and E.-J. Goh, “Hierarchical Identity Based Encryption with Constant Size Cipher

text,” in Proceedings of Advances in Cryptology - EUROCRYPT ’05, ser. LNCS, vol. 3494. Springer,

59 |

P a g e

[11] C.-K. Chu, J. Weng, S. S. M. Chow, J. Zhou, and R. H. Deng, “Conditional Proxy Broadcast

Re-Encryption,” in Australasian Conference on Information Security and Privacy (ACISP ’09), ser. LNCS,

vol. 5594. Springer, 2009, pp. 327–342.

[12] J. Benaloh, “Key Compression and Its Application to Digital Fingerprinting,” Microsoft Research, Tech.

Rep., 2009.

AUTHORDETAILS

B. Shilpa Pursuing M-Tech in Visvesvaraya College of Engineering and Technology (VCET), M.P Patelguda, Ibrahimpatnam (M), Ranga Reddy (D)-501510, India.

Sri Dr. Bhaludra Raveendranadh Singh working as Associate Professor & Principal in Visvesvaraya College of Engineering and Technology obtained M.Tech, Ph.D(CSE)., is a

young, decent, dynamic Renowned Educationist and Eminent Academician, has overall 20

years of teaching experience in different capacities. He is a life member of CSI, ISTE and

also a member of IEEE (USA)

Ms’s. Sangeetha M working as Assoc. Professor & HOD (CSE). She has completed bachelor of technology from Swamy Ramananda Theertha Institute of Science &

Technology and Post-graduation from Jawaharlal Nehru Technological